NFS-server and firewall
Thom Paine
thom at customnetworks.ca
Thu Aug 12 14:15:58 UTC 2004
On Thu, 2004-08-12 at 09:32, Jacob (=Jouk) Jansen wrote:
> Hi all,
>
> Today I tried to enable the NFS-server on one of our FC2 machines. Up to now
> I only succeeded when I switched off the firewall on the machine.
>
> I normally use the "systemsettings --> Security level" menu from the desktop.
> The resulting "Security level configuration" window only allows a few
> "trusted services" (NFS not amogst them), "trusted devices" and "other ports".
> Probably the best way is to insert some port-numbers. But which ones should
> I allow? It is just a "standard" NFS configuration, with "standard" ports.
>
I use a script from http://muse.linuxmafia.org. It's called gShield and
it's a really nice package. The .conf files are well commented and it
supports NFS directly in the gshield.conf file.
You can add in a whole boatload of your own stuff, but I haven't touched
on that much. I've been mucking around with bittorrent a bit, but I
don't have it running 100%.
This script saves me learning everything there is to know about
iptables, yet keeps the machine relatively secure.
More information about the fedora-list
mailing list